CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
June 8, 2026
SolarWinds patches actively exploited Serv-U DoS bug CVE-2026-28318 while CISA adds it to the KEV catalog and orders remediation at
Cybersecurity
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
SolarWinds patches actively exploited Serv-U DoS bug CVE-2026-28318 while CISA adds it to the KEV catalog and orders remediation at federal civilian agencies.
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
Volexity found Chinese APT VerdantBamboo used new PLENET and AGENTPSD malware to maintain 18 months of undetected Microsoft 365 access via MSP compromise.
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
CoinbaseCartel posted Cambridge Mobile Telematics on its dark web leak site, threatening to expose driving behavior data for millions of insured drivers.
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
Anubis ransomware used its WIPEMODE against a US estate law firm and UK contractor; Nova claimed an Indian hospital and Securotrop hit Kriete Truck Centers.
DNS Tunneling: How Attacks Work, Detection, and Prevention
DNS tunneling hides malicious traffic inside DNS queries to evade firewalls. Learn how attacks work, how to detect them, and how to stop them.
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Cisco disclosed CVE-2026-20245, a command injection zero-day in Catalyst SD-WAN Manager enabling root access via file upload, with no patch available.
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
Five Eyes agencies warn Chinese military intelligence is using fake job listings on LinkedIn to recruit government and military insiders for espionage.
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
JFrog researchers discovered IronWorm, a Rust-based infostealer with an eBPF rootkit, injected into 36 npm packages to steal AI API keys and self-propagate.
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
AppEsteem found a Monero cryptominer bundled inside Hola Browser's Windows installer, hidden as a Windows service and excluded from Windows Defender scanning.
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
Russia's Supreme Court will consider designating Belarusian Cyber Partisans and Silent Crow as extremist groups following the 2025 Aeroflot cyberattack.
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
June 8, 2026
Volexity found Chinese APT VerdantBamboo used new PLENET and AGENTPSD malware to maintain 18 months of undetected Microsoft 365 access
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
June 8, 2026
CoinbaseCartel posted Cambridge Mobile Telematics on its dark web leak site, threatening to expose driving behavior data for millions of
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
June 8, 2026
Anubis ransomware used its WIPEMODE against a US estate law firm and UK contractor; Nova claimed an Indian hospital and
DNS Tunneling: How Attacks Work, Detection, and Prevention
June 8, 2026
DNS tunneling hides malicious traffic inside DNS queries to evade firewalls. Learn how attacks work, how to detect them, and
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
June 5, 2026
Cisco disclosed CVE-2026-20245, a command injection zero-day in Catalyst SD-WAN Manager enabling root access via file upload, with no patch
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
June 5, 2026
Five Eyes agencies warn Chinese military intelligence is using fake job listings on LinkedIn to recruit government and military insiders
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
June 5, 2026
JFrog researchers discovered IronWorm, a Rust-based infostealer with an eBPF rootkit, injected into 36 npm packages to steal AI API
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
June 5, 2026
AppEsteem found a Monero cryptominer bundled inside Hola Browser’s Windows installer, hidden as a Windows service and excluded from Windows
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
June 5, 2026
Russia’s Supreme Court will consider designating Belarusian Cyber Partisans and Silent Crow as extremist groups following the 2025 Aeroflot cyberattack.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.